CVE-2024-26314 | Mitsubishi Electric CPU Module Logging Configuration Tool privileges management (icsa-24-135-04)

A vulnerability has been found in Mitsubishi Electric CPU Module Logging Configuration Tool, CSGL, CW Configurator, Data Transfer, Data Transfer Classic, EZSocket, FR Configurator SW3, FR Configurator2, GENESIS64, GT Designer3, GT SoftGOT1000, GT SoftGOT2000, GX Developer, GX LogViewer, GX Works2, GX Works3, iQ Works, MI Configurator, Numerical Control Device Communication Software, MR Configurator, MR Configurator2, MRZJW3-MC2-UTL, MX Component, MX OPC Server DA UA, PX Developer Monitor Tool, RT ToolBox3, RT VisualBox, Monitoring tools for the C Controller Module, SW0DNC-MNETH-B, SW1DNC-CCBD2-B, SW1DNC-CCIEF-J, SW1DNC-CCIEF-B, SW1DNC-MNETG-B, SW1DNC-QSCCF-B and SW1DND-EMSDK-B and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper privilege management.

This vulnerability is known as CVE-2024-26314. An attack has to be approached locally. There is no exploit available.

CVE-2024-26314 | Mitsubishi Electric CPU Module Logging Configuration Tool privileges management (icsa-24-135-04)

Related Posts

CVE-2024-33327 | Lumisxp 15.0.x/16.1.x UrlAccessibilityEvaluation.jsp contentHtml cross site scripting

CVE-2021-34960 | Foxit PDF Editor 11.0.0.49893 Circle Annotation use after free (ZDI-21-1191)

CVE-2024-20802 | Samsung Mobile Devices DeX access control

CVE-2024-40412 | Tenda AX12 v1.0 22.03.01.46 sub_42E410 deviceList stack-based overflow